I have posted the configuration. Thanks for your interest.

Office Router

version 11.2

service password-encryption

no service udp-small-servers

no service tcp-small-servers

!

username all password 7 01

ip subnet-zero

ip name-server 2xx.xxx.xxx.xxx

ip name-server 2xx.xxx.xxx.xxx

!

interface Ethernet0

description connected to public network

ip address 2aa.yyy.xxx.129 255.255.255.128 [Colo Router has a static route to this

address, ip route 2aa.yyy.xxx.129

255.255.255.255 Serial 1 on Colo Router]

media-type 10BaseT

!

interface Ethernet1

description local network segment

ip address 10.0.0.1 255.255.255.0

media-type 10BaseT

!

interface Serial0

description connected to colo

ip unnumbered Ethernet0

!

interface Serial1

no ip address

shutdown

!

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0

Colo Router

Current configuration:

!

version 10.3

service password-encryption

service udp-small-servers

service tcp-small-servers

!

!

ip subnet-zero

!

interface Ethernet0

description This router port is configured to work on the Ethernet

no ip address

no ip directed-broadcast

shutdown

media-type 10BaseT

no mop enabled

!

interface Ethernet1

ip address 2aa.yy.xxx.2 255.255.255.128

media-type 10BaseT

!

interface Ethernet2

no ip address

shutdown

media-type 10BaseT

!

interface Ethernet3

no ip address

shutdown

media-type 10BaseT

!

interface Ethernet4

no ip address

shutdown

media-type 10BaseT

!

interface Ethernet5

no ip address

shutdown

media-type 10BaseT

!

interface Ethernet6

no ip address

shutdown

media-type 10BaseT

!

interface Ethernet7

no ip address

shutdown

media-type 10BaseT

!

interface Serial0

no ip address

!

interface Serial1

ip unnumbered Ethernet1

encapsulation ppp

!

interface Serial2

no ip address

shutdown

!

interface Serial3

no ip address

shutdown

!

ip name-server 2xx.xxx.xxx.xxx

ip name-server 2xx.xxx.xxx.xxx

ip classless

ip route 0.0.0.0 0.0.0.0 2aa.yyy.xxx.1 [this is the ip address on the ISP router for the

block assigned to us]

ip route 2aa.yyy.xxx.129 255.255.255.255 Serial1 (this is the ip address on my office Ethernet 0, which is ip unnumbered on Serial0 on my office router)

!

Hopefully I edited this before you read it. I initially read your config totally backwards so my response was rather incoherent.

I'm not sure about your 'ip route 2aa.yyy.xxx.129 255.255.255.255' statement. I would think it might be 'ip route 2aa.yyy.xxx.128 255.255.255.128' instead. That wouln't prevent pings originating from .129 from getting a response though. Like you said, you can ping 10.0.0.1.

Maybe your ISP did forget to add a static route back towards you?

I'm still reading backwards. Your 10.0.0.1 is on your office router so of course you can ping it from your office. When you are trying other networks and not getting a response, are you pinging from the router or a host on that shared segment? I still think only having a host route back to your office ethernet interface might be an issue. Seems like you would want a route to the subnet.

I have posted the exact configuration now. Thanks for your help.

Current configuration:

!

version 10.3

service password-encryption

service udp-small-servers

service tcp-small-servers

!

!

ip subnet-zero

!

interface Ethernet0

description This router port is configured to work on the Ethernet

no ip address

no ip directed-broadcast

shutdown

media-type 10BaseT

no mop enabled

!

interface Ethernet1

ip address 207.97.177.2 255.255.255.128

media-type 10BaseT

!

interface Ethernet2

no ip address

shutdown

media-type 10BaseT

!

interface Ethernet3

no ip address

shutdown

media-type 10BaseT

!

interface Ethernet4

no ip address

shutdown

media-type 10BaseT

!

interface Ethernet5

no ip address

shutdown

media-type 10BaseT

!

interface Ethernet6

no ip address

shutdown

media-type 10BaseT

!

interface Ethernet7

no ip address

shutdown

media-type 10BaseT

!

interface Serial0

no ip address

!

interface Serial1

ip unnumbered Ethernet1

encapsulation ppp

!

interface Serial2

no ip address

shutdown

!

interface Serial3

no ip address

shutdown

!

ip name-server 204.97.92.2

ip name-server 205.247.4.28

ip classless

ip route 0.0.0.0 0.0.0.0 207.97.177.1

ip route 207.97.177.129 255.255.255.255 Serial1

!

!

end

Router in my Office

Current configuration:

!

version 11.2

service password-encryption

no service udp-small-servers

no service tcp-small-servers

!

!

username all password 7 01

ip subnet-zero

ip name-server 204.97.92.2

ip name-server 205.247.4.28

!

interface Ethernet0

description connected to public network

ip address 207.97.177.129 255.255.255.128

media-type 10BaseT

!

interface Ethernet1

description local network segment

ip address 10.0.0.1 255.255.255.0

media-type 10BaseT

!

interface Serial0

description connected to colo

ip unnumbered Ethernet0

!

interface Serial1

no ip address

shutdown

!

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0

!

!

end

You still only have a "host route" from your colo to your office ethernet interface. If you do a 'sh ip route' on your colo router, do you see a valid route back to your office network (i.e. the .128 subnet)? Again, I would try 'ip route 207.97.177.128 255.255.255.128 Serial1.' Also, you have private address space (10.0.0.0) at your office but no NAT set up. I assume that you aren't trying to ping from that network. If you are pinging from the router, the source address used by default is supposed to be the address of the interface used to send the ping out. Since you are using unnumbered on your serial, I guess it should be using your public address assigned to e0. You can specify the source address with an extended ping just to be sure.

E0 protocol is up isn't it? I think one of the problems with unnumbered is that your serial will not function if the interface from which it gets its address is down (but don't hold me to that).

FYI: When I ping your .2 address I get a response every time. When I ping your .129, the first response I get is from your .2 router. Succeeding responses are from your ISP. They both report "TTL exceeded in transit." So even your route to .129 is no good for some reason or other.

I just noticed that your colo serial is set for ppp encapsulation while your office router is not. So by default it will be hdlc. That probably explains why I can't hit .129. You should really check the status of your interfaces before you start troubleshooting routes.

Since I have 2 ethernet interfaces on my Cisco 4000 (Office Router), so i have ocnfigured 10.0.0.1 on one interface and 207.97.177.129 on the other. The ping was sent from 207.97.177.130 host, which is on 207.97.177.128/25 network. I was able to ping the ethernet 207.97.177.129, but when it comes to ping 207.97.177.2, ICMP sent me a message host unreachable.

You will not able to ping the .129, since we it is down. Was having some problem with the CSU/DSU, the Line Protocol was not coming up on the Router.

But as far as the static routes that i have configured on the Colo router, they are fine right.

I had changed the encap to hdlc, since I was running a debug, debug serial interface, at that time I had also changed the encap on the colo router, I will change it back.

I think I am getting confused. You appear to be troubleshooting the link between your .0 subnet and your .128 subnet. Are you trying to ping accross that link in spite of the fact that the protocol is down? Or were you having problems pinging even when they were directly connected and the protocol was up?

As for your static route at colo, you say it is "fine right." But I think what you posted showed a route of 207.97.177.129 255.255.255.255. The argument could be made that since colo has an interface in one of the subnets, it knows how the network is subnetted and can make the appropriate decisions (although I'm not sure that is true). But as a matter of general practice, I'm not sure that defining routes to router interfaces is the way to go. Why not a route to 207.97.177.128 255.255.255.128? That would encompass others, like your .130 host.

Here I have 2 problems:

Connecting my routers to the Larscom Split-t CSU on the T1 loop is the first Problem. Things that I did to fix this problem is..1)I did a loopback and the protocol on one of the routers come up, depending the direction of the loopback. Say I have Router_A connected to CSU_A, and Router_B connected to CSU_B. So when I do a loopback on the CSU_B then the Line Protocol comes up on Router_A and vice-versa [THIS was on the T1 LOOP]. Then I have also tested having the CSU_A and CSU_B connected back0toback with a T1-cross connect and router's connected to each one of those CSU's [THIS IS T1 CROSS CONNECT], here the Serial0 is up and Line protocol comes up. This all was to test if the equipement wsa fine.

Second Problem that I have is the ip routes:

Let's follow the same scenario here. The Router_A is connnected to Router_B through the CSU's. Router_A is connected to ISP's router through the ethernet. Say Router_A is connected to a switch and ISP's router is also connected to the same ethernet switch. On one of the sub-interface's of the ethernet port ISP has 207.97.177.1 configured for my router. Since I have 2 route's in my Router_A

ip route 0.0.0.0 0.0.0.0 207.97.177.1

ip route 207.97.177.128 255.255.255.128 Serial1

This means that whatever packets I get if they are not belonging to 207.97.177.128 network they should be sent to 207.97.177.1. You are with me till here right. Then I have one ip route been set on Router_B

ip route 0.0.0.0 0.0.0.0 Serial0

Which means that whatever comes to this router will be sent to Router_A through the Serial 0.

Let me tell you as to what I can do over here..I can ping and traceroute from Router_B to anywhere on the public network. Now the problem that I get, when i connect my machine to the hub which is connected to the Ethernet 0 of Router_B [can refer the config that I have posted] and configure the TCP/IP on the Machine, with ip address 207.97.177.130, gateway 207.97.177.129 and subnet mask 255.255.255.128. Then I can ping the Cisco Ethernet0, ip address 207.97.177.129, I can also ping 207.97.177.2 which is on Router_A. But I cannot ping 207.97.177.1, the ip address on the ISP's router. So this way I am not able to go online with this box.

I hope this will clear some things that we have been discussing till now.

Thanks,

Amit Sonik

Ahh. now I understand!

to the colo router

remove "ip route 207.97.177.129 255.255.255.255 serial1"

add "ip route 207.97.177.128 255.255.255.128 Serial1"

add "ip route 10.0.0.0 255.255.255.0 Serial1"

nothing needs to be done to your office router

this should work ;)

Amit,

I think you have exonerated your T1 with the loopback troubleshooting. So the question centers on why the Cisco interfaces don't like one another. You had two different encapsulations (one HDLC and one PPP) a while back. Assuming that you changed the config so that they are both PPP, I would start doing some debugging. I would shut the serial interface at your office router. Go to enable mode and enter 'debug ppp negotiation' and 'debug ppp authentication.' Then no shut your interface and see where the problem is occurring.

As for your .130 host problem, I'm not sure what to tell you. Your static routes look good and you say you can ping and traceroute anywhere in the public network from the router. I'm confused about that since the link to the .129 router is still down. So I would suggest that you solve the first problem and then maybe someone can come up with an idea about your .130 host not being able to ping the ISP router interface or the public network.

Amit,

Here is something else for you to consider on your T1 problem. If you had either a logical or physical inversion on one side and not the other, you would have problems very similar to what you describe. For example, if you invert data at CSU B, the data going into the CSU gets inverted on the way out towards the network. It gets looped at router A. Coming back in from the network, the data gets inverted again - effectively "uninverting" it. So the circuit looks good and the protocol come up. However, in such a situation, when you go end-to-end, the data gets inverted on the way out and that is how router A gets if from CSU A. Also, data coming in from A gets inverted by CSU B, and that is how router B gets it. No protocol up on either end.

This is one possiblity anyway. Look closely at your CSU configs to ensure all is right.

Scenario 1

Data inverted on the CSU_A and Data normal on the CSU_B. Clock Normal on both the CSU's. I tested this, it doesn't work.

Scenario 2

Data inverted on the CSU_A and CSU_B doesn't work. Clock is normal.

Scenario 3

Data inverted on the CSU_A and CSU_B. Clock inverted on CSU_A and Clock normal on CSU_B. This also doesn't work.

Scenario 4

Data inverted on the CSU_A and CSU_B. Clock inverted on both the CSU's. This also doesn't work.

All this scenario's were tested on the T1 loop.

Then when I connect the 2 routers and csu's back-to-back with a T1 cross connect the Serial is up and the line protocol is up on the Data normal and Clock normal.

The last thing that I did, I have another T1 loop going to the sae colo. On that Loop, I have Adtran CSU on one side and I have a Osicom Router+CSU in the office. Here from the Adtran CSU, cable is connected to ISP's Router. This works just fine.

But then what i did was to connect the Cisco to the Adtran CSU, and line protocol comes up. I also configured the Osicom to speak with the Cisco 4500 at the Colo. But now if I connect my laptop to the Oscicom ethernet segment, I can't ping 207.97.177.1, this is the ip address on the ISP's Router.

The tracert command in the command window of my machine, tell's me that it can reach 207.97.177.2, which is configured on my Cisco 4500 (Colo Router), but after that it cannot resolve the ip address or the host.

Thanks,

Amit

OK. At least now I understand how you were pinging accross a down link. You were using the other circuit in a temporary test environment. Thats fine.

If the circuit comes up hardwired together, but not accross the actual circuit span, you would suspect the circuit. But you can bidirectionally loop either CSU and both routers come up. This requires a reasonably good circuit span. If the circuit is good but no protocol up, you would suspect a misconfiguration between the CSUs or between the routers. But in light of the fact that they work when hardwired together, that doesn't seem like the problem.

The only way to know if the CSUs are fully communicating end-to-end over a live circuit is to put test equipment on the drop side of each DSU. If data is good, clean, uninverted, and there are no clock slips, you can focus on the routers. If you don't have test equipment, you are stuck with the "is my protocol up?" approach that you have taken thus far. This is less than ideal. But you gotta do what you gotta do. So I would take it a step further if you have no choice but to continue with this methodology.

Can you build or put in place a physical loopback? For example, a DB25 connector with pins 2&14 looped to pins 3&16? In this way, if your protocol still comes up on the router on the opposite CSU, you are relatively assured that the FULL circuitry of both CSU/DSUs can operate over the live circuit. You have almost done that with the logical loopbacks. But, of course, the logical loopback never tests ALL of the hardware (and it's associated provisioning) in the box.

Desperate times call for desperate measures.